Blackberry 10 Sends Full Email Account Credentials To RIM

vikingpower writes “How a phone manufacturer making a somewhat successful come-back can shoot itself in the foot: Marc “van Hauser” Heuse, who works for German technology magazine Heise, has discovered that immediately after setting up an email account on Blackberry 10 OS, full credentials for that account are sent to Research In Motion, the Canadian Blackberry manufacturer. Shortly after performing the set-up, the first successful connections from a server located within the RIM domain appear in the mail server’s logs. (Most of the story in English, some comments in German.) At least according to German law, this is completely illegal, as the phone’s user does not get a single indication or notice of what is being done.” (Here’s Heise’s article, in German.) Read more of this story at Slashdot.

This month’s posts:

About Ken May

Kenneth May is a certified cybersecurity professional. He and his team offer services such as Advanced Vulnerability Assessments, Network Penetration Testing, Web Application Penetration Testing, and a wide array of compliance services covering HIPAA, PCI, and the various NIST & DOD requirements. Ken is a Community mentor for SANS, the largest Cybersecurity certification preparation company in the world, and carries both the GSEC and GPEN (Certified Ethical Hacker and Penetration Tester) certifications. He has recently been accepted into the FBI’s Infragard program, as a recognized protector of critical national infrastructure. This program gives him deep access to information and resources to protect his clients.